|
Original release date: August 4, 2021 CVE ID CVE-2021-21740 CVSS 3.1 Base Score 1.8 Low(AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) Description There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak. Affected Products and Fixes Product Name | Affected Version | Resolved Version | ZXHN H2640 | V10.0.0C6_TY | V10.0.0P6_TY |
Source The vulnerability was found by ZTE's internal test. Update Records August 4, 2021, initial. Supporting team contacts 1. ZTE GCSC hotline: 0755-26770800 800-830-1118 400-830-1118 2. Product forum at ZTE Support website. ZTE PSIRT If you need to report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.
|